Connect with us

Huawei News

Huawei releases July 2022 security patch details

Published

on

Huawei releases July 2022 security patch details

Huawei has recently shared information regarding the HarmonyOS 3 beta. Now, the Chinese tech giant also shared the security patch details for the month of July 2022.

In July 2022 EMUI security patch details, Huawei fixes 2 critical, 12 High levels, and 18 medium levels of CVEs while there are no low levels of CVEs.

This security update includes the CVE announced in the June 2022 Android security bulletin:

Critical: CVE-2022-20130, CVE-2022-20145

High: CVE-2021-39691, CVE-2022-20006, CVE-2022-20134, CVE-2022-20135, CVE-2022-20142, CVE-2022-20143, CVE-2022-20141, CVE-2021-4154, CVE-2022-25375, CVE-2022-24958, CVE-2022-25258, CVE-2022-20132

Advertisement

Medium: CVE-2021-39806, CVE-2022-20197, CVE-2022-20201, CVE-2022-20202, CVE-2021-35118, CVE-2021-20268, CVE-2021-20321, CVE-2021-35121, CVE-2021-3635, CVE-2021-3715, CVE-2021-3743, CVE-2021-3753, CVE-2021-38160, CVE-2022-0492, CVE-2022-20148, CVE-2022-20166, CVE-2022-26966, CVE-2021-35119

Low: none

Already included in previous updates:CVE-2021-39803, CVE-2022-20007, CVE-2022-20109, CVE-2022-20110, CVE-2020-11307, CVE-2021-30264, CVE-2020-11263, CVE-2021-1894, CVE-2021-30272, CVE-2021-30274, CVE-2021-30275, CVE-2021-30278, CVE-2021-30279, CVE-2021-30282

This security update includes the following HUAWEI patches:

CVE-2021-40016: Improper permission control vulnerability in the Bluetooth module

Advertisement

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2021-46741: Vulnerability of defects being introduced in the design process in the basic framework and settings module

Severity: Medium

Advertisement

Affected versions: EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will affect integrity.

CVE-2021-40012: Vulnerability of pointers being incorrectly used during data transmission in the video framework

Severity: Medium

Affected versions: EMUI 12.0.0

Advertisement

Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2022-31751: Multi-thread competition for resources in the kernel emcom module

Severity: Critical

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability can affect availability.

Advertisement

CVE-2021-40013: Improper permission control vulnerability in the Bluetooth module

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect integrity.

CVE-2022-34737: Incorrect permission assignment vulnerability in the application security module

Advertisement

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2022-31755: Improper preservation of permissions vulnerability in the communications module

Severity: Medium

Advertisement

Affected versions: EMUI 11.0.1

Impact: Successful exploitation of this vulnerability can affect availability.

CVE-2022-34736: Null pointer vulnerability in the frame scheduling module

Severity: Medium

Affected versions: EMUI 12.0.0, EMUI 11.0.1

Advertisement

Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2022-34735: Null pointer vulnerability in the frame scheduling module

Severity: Medium

Affected versions: EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will affect availability.

Advertisement

CVE-2022-34739: Addition overflow vulnerability in the fingerprint sensor module

Severity: High

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause the data of unknown addresses to be obtained from the address mapping.

CVE-2022-34742: Read/Write vulnerability in system components

Advertisement

Severity: High

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2022-34740: Buffer overflow vulnerability in the NFC module

Severity: Medium

Advertisement

Affected versions: EMUI 12.0.0, EMUI 11.0.1, EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.

CVE-2022-34741: Buffer overflow vulnerability in the NFC module

Severity: Medium

Affected versions: EMUI 12.0.0, EMUI 11.0.1, EMUI 11.0.0, Magic UI 4.0.0

Advertisement

Impact: Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.

CVE-2022-31762: Input verification vulnerability in the AMS module

Severity: Medium

Affected versions: EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will cause unauthorized operations.

Advertisement

CVE-2022-34743: Out-of-bounds read vulnerability in the AT commands of the USB port

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2022-34738: Permission control vulnerability in the SystemUI module

Advertisement

Severity: Medium

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will cause the service running in the background being unable to be perceived by the user.

Join HU On Telergam

Advertisement

Huawei News

Huawei Petal Mail App will no longer be available for download

Published

on

By

Huawei Petal Mail App

According to the official information, the Huawei released the delisting announcement of its Petal Mail App. The full text of the announcement is as follows: [translated]

Thank you for your continued attention and support to the Huawei Petal Mail App. In order to better adapt to the changing needs of product experience, service content and local markets, we have made strategic adjustments to the Huawei Petal Mail App.

The Petal Mail App will officially switch to the Email App on December 31, 2024, and the Petal Mail App will no longer be available for download from the App Store. The Petal Mail App you have installed can be used normally. We apologize for the inconvenience. You can continue to view, send or receive emails in the pre-installed Email App on your Huawei phone or use a computer browser to open the Petal Mail official website ( https://www.petalmail.com ), and your emails and personal data will not be lost.

Huawei Petal Mail App

Continue Reading

Huawei News

Huawei Mate 70 lineup repair spare parts prices announced

Published

on

By

Huawei Mate 70 lineup

Huawei released the Mate 70 series of mobile phones, with a starting price of 5,499 yuan. At present, the prices of spare parts for the new Mate 70 series have been announced on Huawei’s official website.

Huawei Mate 70 lineup repair spare parts prices announced

Battery and motherboard

Mate 70

Battery — 199
12GB+256GB — 2499
12GB+512GB — 2899
12GB+1TB — 3599

Mate 70 Pro

Battery — 199
12GB+256GB — 2899
12GB+512GB — 3299
12GB+1TB — 3999

Advertisement

Mate 70 Pro+

Battery — 299
16GB+512GB — 4399
16GB+1TB — 4899

Mate 70 RS

Battery — 299
16GB+512GB — 6499
16GB+1TB — 6999

Camera

Camera

Accessories

Advertisement
Continue Reading

Huawei News

Huawei FreeBuds Pro 4 official announcement

Published

on

By

Huawei FreeBuds Pro 4

Huawei officially announced the new FreeBuds Pro 4 headphones. This is the first TWS headset equipped with HarmonyOS NEXT and will be officially launched at the Huawei Mate Brand Festival on November 26.

As can be seen from the poster, the headset adopts an in-ear design with black and gold color matching, and the overall shape is similar to the previous generation. With the support of the new system, FreeBuds Pro 4 is expected to bring more functional upgrades.

Huawei FreeBuds Pro 4

For reference, Huawei FreeBuds Pro 3 was released in September last year with an initial price of 1,499 yuan . It is equipped with the Kirin A2 chip that uses Polar code, supports Star Flash connection core technology and Bluetooth technology, and the new L2HC 3.0 protocol.

Continue Reading

Most Popular